public bool Authorize(int userId, string schemaId, string actionId)
{
if(string.IsNullOrWhiteSpace(schemaId))
throw new ArgumentNullException("schemaId");
if(string.IsNullOrWhiteSpace(actionId))
throw new ArgumentNullException("actionId");
//创建授权事件参数
var args = new AuthorizationEventArgs(userId, schemaId, actionId, true);
//激发“Authorizing”事件
this.OnAuthorizing(args);
//如果时间参数指定的验证结果为失败,则直接返回失败
if(!args.IsAuthorized)
return false;
//获取指定的安全凭证对应的有效的授权状态集
var states = this.GetAuthorizedStates(userId, MemberType.User);
args.IsAuthorized = states != null && states.Any(state => string.Equals(state.SchemaId, schemaId, StringComparison.OrdinalIgnoreCase) &&
string.Equals(state.ActionId, actionId, StringComparison.OrdinalIgnoreCase));
//激发“Authorized”事件
this.OnAuthorized(args);
//返回最终的验证结果
return args.IsAuthorized;
}
protected virtual void OnAuthorized(AuthorizationEventArgs args)
{
var handler = this.Authorized;
if(handler != null)
handler(this, args);
}
